Fix glitches while testing the Security Perspective with LDAP backend

[lgpl/argeo-commons.git] / org.argeo.security.core / src / org / argeo / osgi / useradmin / LdifParser.java

diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java
index 56bdb54e39adbc992ca14bda6df1ce59397cf6b6..da793adcebec4b05ff159c1b21d47ed4131ae64a 100644 (file)
--- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java
+++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java
@@ -1,5 +1,7 @@
 package org.argeo.osgi.useradmin;
 
+import static org.argeo.osgi.useradmin.LdifName.dn;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.List;
@@ -7,11 +9,13 @@ import java.util.SortedMap;
 import java.util.TreeMap;
 
 import javax.naming.InvalidNameException;
+import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.BasicAttribute;
 import javax.naming.directory.BasicAttributes;
 import javax.naming.ldap.LdapName;
+import javax.naming.ldap.Rdn;
 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.io.IOUtils;
@@ -22,6 +26,32 @@ import org.apache.commons.logging.LogFactory;
 class LdifParser {
        private final static Log log = LogFactory.getLog(LdifParser.class);
 
+       protected Attributes addAttributes(SortedMap<LdapName, Attributes> res,
+                       int lineNumber, LdapName currentDn, Attributes currentAttributes) {
+               try {
+                       Rdn nameRdn = currentDn.getRdn(currentDn.size() - 1);
+                       Attribute nameAttr = currentAttributes.get(nameRdn.getType());
+                       if (nameAttr == null)
+                               currentAttributes.put(nameRdn.getType(), nameRdn.getValue());
+                       else if (!nameAttr.get().equals(nameRdn.getValue()))
+                               throw new UserDirectoryException("Attribute "
+                                               + nameAttr.getID() + "=" + nameAttr.get()
+                                               + " not consistent with DN " + currentDn
+                                               + " (shortly before line " + lineNumber
+                                               + " in LDIF file)");
+                       Attributes previous = res.put(currentDn, currentAttributes);
+                       if (log.isTraceEnabled())
+                               log.trace("Added " + currentDn);
+                       return previous;
+               } catch (NamingException e) {
+                       throw new UserDirectoryException("Cannot add " + currentDn, e);
+               }
+       }
+
+       static void checkDnConsistency() {
+
+       }
+
        SortedMap<LdapName, Attributes> read(InputStream in) throws IOException {
                SortedMap<LdapName, Attributes> res = new TreeMap<LdapName, Attributes>();
                try {
@@ -68,12 +98,13 @@ class LdifParser {
                                                        .decodeBase64(cleanValueStr) : cleanValueStr;
 
                                        // manage DN attributes
-                                       if (attributeId.equals("dn") || isLastLine) {
+                                       if (attributeId.equals(dn.name()) || isLastLine) {
                                                if (currentDn != null) {
-                                                       Attributes previous = res.put(currentDn,
-                                                                       currentAttributes);
-                                                       if (log.isTraceEnabled())
-                                                               log.trace("Added " + currentDn);
+                                                       //
+                                                       // ADD
+                                                       //
+                                                       Attributes previous = addAttributes(res,
+                                                                       lineNumber, currentDn, currentAttributes);
                                                        if (previous != null) {
                                                                log.warn("There was already an entry with DN "
                                                                                + currentDn
@@ -81,11 +112,11 @@ class LdifParser {
                                                        }
                                                }
 
-                                               if (attributeId.equals("dn"))
+                                               if (attributeId.equals(dn.name()))
                                                        try {
                                                                currentDn = new LdapName(
                                                                                attributeValue.toString());
-                                                               currentAttributes = new BasicAttributes();
+                                                               currentAttributes = new BasicAttributes(true);
                                                        } catch (InvalidNameException e) {
                                                                log.error(attributeValue
                                                                                + " not a valid DN, skipping the entry.");